Analysis of the SMS4 block cipher

Liu Fen*, Ji Wen, Hu Lei, Ding Jintai, Lv Shuwang, Andrei Pyshkin, Ralf Philipp Weinmann

*Corresponding author for this work

Research output: Chapter in Book or Report/Conference proceedingConference Proceedingpeer-review

38 Citations (Scopus)

Abstract

SMS4 is a 128-bit block cipher used in the WAPI standard for providing data confidentiality in wireless networks. In this paper we investigate and explain the origin of the S-Box employed by the cipher, show that an embedded cipher similar to BES can be obtained for SMS4 and demonstrate the fragility of the cipher design by giving variants that exhibit 264 weak keys. We also show attacks on reduced round versions of the cipher. The best practical attack we found is an integral attack that works on 10 rounds out of 32 rounds with a complexity of 218 operations; it can be extended to 13 rounds using round key guesses, resulting in a complexity of 2114 operations and a data complexity of 216 chosen pairs.

Original languageEnglish
Title of host publicationInformation Security and Privacy - 12th Australasian Conference, ACISP 2007, Proceedings
Pages158-170
Number of pages13
Publication statusPublished - 2007
Externally publishedYes
Event12th Australasian Conference on Information Security and Privacy, ACISP2007 - Townsville, Australia
Duration: 2 Jul 20074 Jul 2007

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume4586 LNCS
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349

Conference

Conference12th Australasian Conference on Information Security and Privacy, ACISP2007
Country/TerritoryAustralia
CityTownsville
Period2/07/074/07/07

Keywords

  • Algebraic structure
  • Block ciphers
  • Cryptanalysis
  • UFN

Fingerprint

Dive into the research topics of 'Analysis of the SMS4 block cipher'. Together they form a unique fingerprint.

Cite this